Son zamanlarda, Türk bankacılık kullanıcılarını hedef aldığı anlaşılan ThiefBot adında bir zararlı tespit edilmiştir. Aşağıda zararlıya ait olduğu bilinen APK dosyalarına ilişkin hash ve hostname bilgileri yer almaktadır.
İstismar edilen uygulamalar aşağıdaki gibidir:
Hash Tipi | Hash Bilgisi |
---|---|
SHA-256 | 7bf12ce87f1be65f14289fe4f9a7fe4c79b145ec8dd8b1d88ce3faf9036b1836 |
MD5 | e88867956017bbe5b633811885c87018 |
SHA-256 | 53c61f06f021020b0d83de724968975ea2a79d4d62b608868addc4edd47b0a37 |
MD5 | fe99a89267f61207198bfe022234096e |
SHA-256 | 83025d0d3fbb111931950c36f7de5fe916ddc2b30b75c1a3962372c8308a9044 |
MD5 | 1ad3b30d7c94c10730c43837349367a5 |
SHA-256 | bd304f13b12701d7aeabc5e1310c19250ad5cf542a63d4ceb77d566a2e377a09 |
MD5 | fb4b55f698dab5bbf71961295ee13565 |
SHA-256 | 7ccd22a35efd332504aef9984b70cd9795e44d1f7cfa19271c060fba249ff817 |
MD5 | 3dd87a8ad738953c07413dfb57f45e92 |
SHA-256 | da71a9b436e0491cecda35999169e5221fd2163199482e152b5d3e5d00cd68c3 |
MD5 | f2fa90ae9c9ead0122944a53c77453f1 |
SHA-256 | 63ffe3ca82fd3abf13dbccb58b8b5bdd7214ed3a58f9e974476d1c7fbf785310 |
MD5 | 70fe34f6118222532ba2c2543282e160 |
SHA-256 | 230fecbe4a0989edc1853664cd2f0eec6e9e9bd7f422bf1f51923532d811ac15 |
MD5 | f54c28924ff071bd5dad92204c039f97 |
SHA-256 | 05e2dd7d0165024db4e928c0b801680091a668c68b7e51f1a2736aaf570d9ff5 |
MD5 | 97a0313a8484791faddeed19e6625107 |
SHA-256 | d7015a26535ae35ec43e199fa5fe1617e4309e828846a873efa169c221f2de7a |
MD5 | b6f6ca8bf653ba60bf3759cb6936f14a |
SHA-256 | 66d7a8063966100c30f159f2be542aaa357b647f0668dd9a5526a82325f20dc5 |
MD5 | ae477a5d1a41794c8d68adfe958bed7a |
Hostname | botnetandroidtools[.]000webhostapp[.]com |
Hostname | ravangame[.]beget[.]tech |
Hostname | sinia24[.]000webhostapp[.]com |
APK | khjjhkghkg.yulyuuyklyuky |
Kaynak: